Adobe ColdFusion Multiple Vulnerabilities (APSB11-14) (credentialed check)
Medium Nessus Plugin ID 55542
SynopsisA web-based application running on the remote Windows host is affected by multiple vulnerabilities.
DescriptionThe version of Adobe ColdFusion running on the remote Windows host is affected by an unspecified cross-site request forgery (XSRF) vulnerability and a denial of service (DoS) vulnerably. Versions 8, 8.0.1, 9, and 9.0.1 are affected.
A remote attacker can exploit the XSRF vulnerability by tricking a user into making a malicious request, resulting in administrative access. The DoS vulnerability can be exploited to impact availability in an unspecified manner.
SolutionApply the relevant hotfixes referenced in the Adobe advisory.